The Design of Rijndael
SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
On the Construction of Block Ciphers Provably Secure and Not Relying on Any Unproved Hypotheses
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
On Generalized Feistel Structures Using the Diffusion Switching Mechanism
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
On the differential and linear efficiency of balanced Feistel networks
Information Processing Letters
Improving the generalized Feistel
FSE'10 Proceedings of the 17th international conference on Fast software encryption
On the diffusion of generalized Feistel structures regarding differential and linear cryptanalysis
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
On unbalanced Feistel networks with contracting MDS diffusion
Designs, Codes and Cryptography
On feistel structures using a diffusion switching mechanism
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
The provable constructive effect of diffusion switching mechanism in CLEFIA-type block ciphers
Information Processing Letters
On permutation layer of type 1, source-heavy, and target-heavy generalized feistel structures
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Generalized Feistel networks revisited
Designs, Codes and Cryptography
Preimage attacks on Feistel-SP functions: impact of omitting the last network twist
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
This work deals with the security and efficiency of type-I and type-II generalized Feistel networks (GFNs) with 4 lines. We propose to instantiate the GFNs with double SP-functions (substitutionpermutation layer followed by another substitution-permutation layer) instead of single SP-functions (one substitution-permutation layer). We provide tight lower bounds on the number of differentially and linearly active functions and S-boxes in such ciphers. Based on these bounds, we show that the instantiation with double SP-functions using MDS diffusion has a proportion of differentially and linearly active S-boxes by up to 33% and 50% higher than that with single SP-functions for type-I and type-II GFNs, respectively. This opens up the possibility of designing more efficient block ciphers based on GFN structure. Note that type-I and type-II GFNs are the only non-contracting GFNs with 4 lines under a reasonable definition of a GFN.